Merge "Introduce Pixel mailbox module" into main
diff --git a/gcam_app/sepolicy/product/private/debug_camera_app.te b/gcam_app/sepolicy/product/private/debug_camera_app.te
index 4402e55..9d4643d 100644
--- a/gcam_app/sepolicy/product/private/debug_camera_app.te
+++ b/gcam_app/sepolicy/product/private/debug_camera_app.te
@@ -1,28 +1,16 @@
# GCANext and GCAEng.
-# b/363018500
typeattribute debug_camera_app coredomain;
userdebug_or_eng(`
app_domain(debug_camera_app)
net_domain(debug_camera_app)
- allow debug_camera_app activity_service:service_manager find;
- allow debug_camera_app activity_task_service:service_manager find;
+ allow debug_camera_app app_api_service:service_manager find;
allow debug_camera_app audioserver_service:service_manager find;
- allow debug_camera_app batterystats_service:service_manager find;
allow debug_camera_app cameraserver_service:service_manager find;
- allow debug_camera_app device_policy_service:service_manager find;
- allow debug_camera_app device_state_service:service_manager find;
- allow debug_camera_app gpu_service:service_manager find;
allow debug_camera_app mediaextractor_service:service_manager find;
allow debug_camera_app mediametrics_service:service_manager find;
allow debug_camera_app mediaserver_service:service_manager find;
- allow debug_camera_app powerstats_service:service_manager find;
- allow debug_camera_app sensorservice_service:service_manager find;
- allow debug_camera_app thermal_service:service_manager find;
- allow debug_camera_app trust_service:service_manager find;
- allow debug_camera_app vibrator_manager_service:service_manager find;
- allow debug_camera_app virtual_device_native_service:service_manager find;
# Allows GCA_Eng & GCA-Next to access the PowerHAL.
hal_client_domain(debug_camera_app, hal_power)
diff --git a/input/gia/aidl/compatibility_matrix.xml b/input/gia/aidl/compatibility_matrix.xml
new file mode 100644
index 0000000..1a348ea
--- /dev/null
+++ b/input/gia/aidl/compatibility_matrix.xml
@@ -0,0 +1,10 @@
+<compatibility-matrix type="framework" version="1.0">
+ <hal format="aidl" optional="true">
+ <name>com.google.input.gia.core</name>
+ <interface>
+ <name>IGiaService</name>
+ <instance>default</instance>
+ </interface>
+ <version>1</version>
+ </hal>
+</compatibility-matrix>
\ No newline at end of file
diff --git a/input/gia/aidl/manifest.xml b/input/gia/aidl/manifest.xml
new file mode 100644
index 0000000..98303c8
--- /dev/null
+++ b/input/gia/aidl/manifest.xml
@@ -0,0 +1,10 @@
+<manifest type="device" version="1.0">
+ <hal format="aidl" optional="true">
+ <name>com.google.input.gia.core</name>
+ <interface>
+ <name>IGiaService</name>
+ <instance>default</instance>
+ </interface>
+ <version>1</version>
+ </hal>
+</manifest>
\ No newline at end of file
diff --git a/input/gia/gia.mk b/input/gia/gia.mk
new file mode 100644
index 0000000..ea079ca
--- /dev/null
+++ b/input/gia/gia.mk
@@ -0,0 +1,11 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/input/gia/sepolicy
+
+PRODUCT_PACKAGES += gia
+PRODUCT_PACKAGES += com.google.input.gia.giaservicemanager
+
+PRODUCT_SOONG_NAMESPACES += vendor/google/interfaces
+PRODUCT_SOONG_NAMESPACES += vendor/google/input/gia/core
+PRODUCT_SOONG_NAMESPACES += vendor/google/input/gia/core-servicemanager
+
+DEVICE_MANIFEST_FILE += device/google/gs-common/input/gia/aidl/manifest.xml
+DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/input/gia/aidl/compatibility_matrix.xml
diff --git a/input/gia/sepolicy/attributes b/input/gia/sepolicy/attributes
new file mode 100644
index 0000000..1d61ad3
--- /dev/null
+++ b/input/gia/sepolicy/attributes
@@ -0,0 +1,2 @@
+# This macro produces: define hal_gia, hal_gia_client, hal_gia_server
+hal_attribute(gia)
diff --git a/input/gia/sepolicy/file_contexts b/input/gia/sepolicy/file_contexts
new file mode 100644
index 0000000..99d6857
--- /dev/null
+++ b/input/gia/sepolicy/file_contexts
@@ -0,0 +1,2 @@
+# chmod +x in SEPolicy language
+/vendor/bin/gia u:object_r:gia_exec:s0
diff --git a/input/gia/sepolicy/gia.te b/input/gia/sepolicy/gia.te
new file mode 100644
index 0000000..2c84e7c
--- /dev/null
+++ b/input/gia/sepolicy/gia.te
@@ -0,0 +1,18 @@
+# SEPolicies for GIA (Google Input interface Abstraction layer)
+type gia, domain;
+type gia_exec, exec_type, vendor_file_type, file_type;
+
+# Macro transferring gia_exec to the gia domain
+init_daemon_domain(gia)
+
+# let this domain use the hal service
+hal_client_domain(gia, hal_gia)
+# allow binder communication with service_manager
+binder_use(gia)
+
+# let this domain serve the hal service
+hal_server_domain(gia, hal_gia)
+
+# allow gia for accessing touch related system file-nodes
+allow gia sysfs_touch_gti:dir r_dir_perms;
+allow gia sysfs_touch_gti:file rw_file_perms;
diff --git a/input/gia/sepolicy/hal_gia.te b/input/gia/sepolicy/hal_gia.te
new file mode 100644
index 0000000..b75c9fb
--- /dev/null
+++ b/input/gia/sepolicy/hal_gia.te
@@ -0,0 +1,8 @@
+# allow binder connection from client to server
+binder_call(hal_gia_client, hal_gia_server)
+
+# allow client to find the service & allow server to register the service
+hal_attribute_service(hal_gia, hal_gia_service)
+
+# allow binder communication from server to service_manager
+binder_use(hal_gia_server)
diff --git a/input/gia/sepolicy/service.te b/input/gia/sepolicy/service.te
new file mode 100644
index 0000000..aed1135
--- /dev/null
+++ b/input/gia/sepolicy/service.te
@@ -0,0 +1,2 @@
+# Declares GIA related services
+type hal_gia_service, hal_service_type, protected_service, service_manager_type;
diff --git a/input/gia/sepolicy/service_contexts b/input/gia/sepolicy/service_contexts
new file mode 100644
index 0000000..b1773ec
--- /dev/null
+++ b/input/gia/sepolicy/service_contexts
@@ -0,0 +1,2 @@
+# Attaches GIA services to the cooresponding SEPolicy group
+com.google.input.gia.core.IGiaService/default u:object_r:hal_gia_service:s0
diff --git a/storage/init.storage.rc b/storage/init.storage.rc
index 77057cd..9e4acd4 100644
--- a/storage/init.storage.rc
+++ b/storage/init.storage.rc
@@ -1,3 +1,11 @@
+on init
+ # Make foreground and background I/O priority different. none-to-rt was
+ # introduced in kernel 5.14. promote-to-rt was introduced in kernel 6.5.
+ # Write none-to-rt first and promote-to-rt next to support both older and
+ # newer kernel versions.
+ write /dev/blkio/blkio.prio.class none-to-rt
+ write /dev/blkio/blkio.prio.class promote-to-rt
+
on property:ro.build.type=userdebug
write /dev/sys/block/bootdevice/pixel/enable_pixel_ufs_logging 1
chown system /dev/sg3
@@ -36,13 +44,6 @@
write /dev/sys/block/bootdevice/clkgate_enable 0
on property:sys.boot_completed=1
- # Make foreground and background I/O priority different. none-to-rt was
- # introduced in kernel 5.14. promote-to-rt was introduced in kernel 6.5.
- # Write none-to-rt first and promote-to-rt next to support both older and
- # newer kernel versions.
- write /dev/blkio/blkio.prio.class none-to-rt
- write /dev/blkio/blkio.prio.class promote-to-rt
-
# Health Storage HAL
chown system system /dev/sys/block/bootdevice/manual_gc
diff --git a/widevine/sepolicy/hal_drm_widevine.te b/widevine/sepolicy/hal_drm_widevine.te
index 9b4792e..98b49e6 100644
--- a/widevine/sepolicy/hal_drm_widevine.te
+++ b/widevine/sepolicy/hal_drm_widevine.te
@@ -10,4 +10,5 @@
allow hal_drm_widevine mediadrm_vendor_data_file:dir create_dir_perms;
#L1
-#TODO(snehalreddy@) : Add L1 permissions
+allow hal_drm_widevine dmabuf_system_heap_device:chr_file r_file_perms;
+